<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Sign In</title>
<style type="text/css">
#Pannel {
	position:absolute;
	width:989px;
	height:952px;
	z-index:3;
	left: 263px;
	top: 250px;
}
</style>
</head>

<body>
<pre><p>                           <a href="index.php" ><img src="../Resources/eMart logo.png" width="170" height="67" alt="Logo" /></a>                                                               <b><a  style="color:#000; text-decoration:none;" href="customer_support.php">Customer Support</a>  |  <a style="color:#000; text-decoration:none;" href="Terms.php">Privacy Policy</a></b>
<div id="DivHR"><hr/></div>
<div align="center">
  <fieldset  style="width:820px" align="left">
  <legend align="center">User Login</legend>
  <form action="login.php" method="post">
    <table align="center" width="250">
            <tr>
                <td>
                    Email Address: 
                </td>
                <td>
                    <input type="text" name = "email" />
                </td>
            </tr>
            <tr>
                <td>
                    Password:
                </td>
                <td>
                    <input type="password" name="passcode" />
                </td>
            </tr>
        </table> 
       <center><input type="submit"  name = "submit" value="Sign In" />        <a href="Register.php">Register?</a></center></form> </fieldset>

  
</div>
</body>
<?php
session_start();





if (isset($_POST['submit']))
{
	$passcode = $_POST['passcode'];
	$email = $_POST['email'];
	
	$connect = mysql_connect("localhost","root","") or die ("Could not connect to DB!");
	mysql_select_db ("web project",$connect) or die ("could not select db!");
	
	$query = mysql_query("SELECT * FROM members ");
	$found = FALSE;
	

	
	while ($row = mysql_fetch_array($query))
	{	
		if (($row['email'] == $email) && ($row['Password'] == $passcode))
		{			
			$found = TRUE;
			$_SESSION['passcode'] = $passcode;
			break;
		}
		
	}
	if ($found == TRUE)
	{
		
		$_SESSION['fname'] = $row['First_Name'];
		$_SESSION['lname'] = $row['Last_Name'];
		$_SESSION['status'] = "IN";
		$_SESSION['id'] =$row['Mem_ID'];
		session_cache_expire( 5 );

			// set timeout period in seconds
			$inactive = 300;
			 
			// check to see if $_SESSION['timeout'] is set
			if(isset($_SESSION['timeout']) ) {
				$session_life = time() - $_SESSION['timeout'];
				if($session_life > $inactive)
					{ session_destroy(); 
					header("Location: timeout.php"); }
			}
			$_SESSION['timeout'] = time();
		echo "<meta http-equiv='refresh' content='0;url=index.php'>";
			
		
	}
	$query2 = mysql_query("SELECT * FROM admins");
	$found2 = FALSE;
	
	$row2 = mysql_fetch_array($query2);
		
		if (($row2['email'] == $email) && ($row2['Password'] == $passcode))
		{			
			$found2 = TRUE;
			
			//$_SESSION['passcode'] = $passcode;
			print "<meta http-equiv='refresh' content='0;url=Admin.php'>";
 			exit;
		
		}

	
		session_cache_expire( 5 );

			// set timeout period in seconds
			$inactive = 300;
			 
			// check to see if $_SESSION['timeout'] is set
			if(isset($_SESSION['timeout']) ) {
				$session_life = time() - $_SESSION['timeout'];
				if($session_life > $inactive)
					{ session_destroy(); 
					header("Location: timeout.php"); }
			}
			$_SESSION['timeout'] = time();
		echo "<meta http-equiv='refresh' content='0;url=index.php'>";
			
		
	

	
	if (($found == FALSE)&&($found2 == FALSE))
	{
		echo '<script language="javascript">alert("The Email Address and Password entered do not match! Please Try again . . .")</script>;'; 
	}
}

?>

</html>